<?php
/**
 * Page Template
 *
 * Loaded automatically by index.php?main_page=account.<br />
 * Displays previous orders and options to change various Customer Account settings
 *
 * @package templateSystem
 * @copyright Copyright 2003-2005 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: tpl_account_default.php 4086 2006-08-07 02:06:18Z ajeh $
 *
 */
global $db;

/*****************************************functions*******************************************/
function addColumnIfNotExist($col_name, $table_name, $db)
{
    $check = "SELECT " . $col_name . " FROM " . $table_name . " limit 1";

    if (false === mysql_query($check)) {
        $db->Execute("ALTER TABLE " . $table_name . " ADD " . $col_name . " VARCHAR(255)");
    }
}

function generate_public_form($db, $nick)
{
    $s = "SELECT * FROM " . TABLE_CUSTOMERS . " WHERE customers_nickname = '" . $nick . "'";
    $result = $db->Execute($s);
    if (isset($result->fields) && $result->fields['customers_public'] == 1)
        $isPublic = 'Yes';
    $checked = $isPublic == "Yes" ? ' checked="yes"' : "";
    echo  '<br><br><form method="post">Public status: ' .
        '<input type="checkbox" name="isPublic" value="Yes" ' . $checked . '/>
        <input type="submit" name="public" value="Save" />
    </form>';
}

function generate_upload_file_form()
{
    echo '<form action="' . $PHP_SELF . '" method="post"
          enctype="multipart/form-data">
        <label for="file">Image:</label>
        <input type="file" name="file" id="file"><br>
        <input type="hidden" name="nick" value="' .
        $_GET['nick'] . '"><br>
        <input type="submit" name="Upload" value="Upload">
            </form>';
}

function generate_follow_profile_form()
{
    echo '<form action="' . $PHP_SELF . '" method="post">
              <input type="hidden" name="customerID" value="' .
        $_GET['id'] . '"><br>
        <input type="submit" name="Follow" value="Follow">
            </form>';
}

/**
 * @return bool
 */
function isItMe()
{
    return getNickName($_SESSION['customer_id']) == $_GET['nick'];
}

function debug_upload()
{
    echo "Upload: " . $_FILES["file"]["name"] . "<br>";
    echo "Type: " . $_FILES["file"]["type"] . "<br>";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";
    echo "nick: " . $_POST['nick'] . "<br>";
}

/**
 * @param $db
 * @return string
 */
function check_and_upload_file($db)
{

    $allowedExts = array("jpg", "jpeg", "gif", "png");
    $extension = end(explode(".", $_FILES["file"]["name"]));
    if ((($_FILES["file"]["type"] == "image/gif")
        || ($_FILES["file"]["type"] == "image/jpeg")
        || ($_FILES["file"]["type"] == "image/png")
        || ($_FILES["file"]["type"] == "image/jpg")
        || ($_FILES["file"]["type"] == "image/pjpeg"))
        && ($_FILES["file"]["size"] < 2000000000)
        && in_array($extension, $allowedExts)
    ) {
        if ($_FILES["file"]["error"] > 0) {
            echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
            return;
        } else {
//            debug_upload();
            //upload and insert to DB

            $extension = end(explode(".", $_FILES["file"]["name"]));
            $file_path = "images/users/" . $_POST['nick'] . "." . $extension;

            move_uploaded_file($_FILES["file"]["tmp_name"],
                "images/users/" . $_POST['nick'] . "." . $extension);

            $sql = "UPDATE " . TABLE_CUSTOMERS . "
                         SET    customers_info_image = '" . $file_path . "'
                          WHERE  customers_nickname = '" . $_POST['nick'] . "'";
            $db->Execute($sql);
            return;

        }
    } else {
        echo "<p><font color='red'>Invalid file</font></p>";
    }
}

//functions for insert relationship

function create_customers_relationship_table($db)
{
    $create_table = "CREATE TABLE IF NOT EXISTS `customers_relationship` (
        customers_from_id varchar(50),
        customers_to_id varchar(50),
        UNIQUE KEY `value1` (`customers_from_id`, `customers_to_id`)
    )";
    echo $create_table;
    exit();
    $db->Execute($create_table);
}

/**
 * @param $db
 */
function set_a_relationship($db)
{
//    create_customers_relationship_table($db);
    $from = getNickName($_SESSION['customer_id']);
    $to = $_GET['nick'];
    $insert_apair_sql = "INSERT INTO `customers_relationship` (`customers_from_id` , `customers_to_id`) VALUES ('" . $from . "'" . " , '" . $to . "')";

    $db->Execute($insert_apair_sql);
}

function getNickName($id)
{
    //$sql = "SELECT * FROM `customers` WHERE customers_id='$id'";
    $sql = "SELECT customers_nickname FROM " . TABLE_CUSTOMERS . " WHERE customers_id='" . $_SESSION['customer_id'] . "'";
    global $db;
    $result = $db->Execute($sql);
    return $result->fields['customers_nickname'];
}

function get_array_I_following($me)
{
    $sql = "SELECT * FROM customers_relationship WHERE customers_from_id='$me'";
    global $db;
    $stars = $db->Execute($sql);
    return $stars;
}

function get_array_users_followed_me($me)
{
    $sql = "SELECT * FROM customers_relationship WHERE customers_to_id='$me'";
    global $db;
    $victims = $db->Execute($sql);
    return $victims;
}

function get_image_from_id($id)
{

    global $db;
    $sql = "select * from " . TABLE_CUSTOMERS . " where customers_id = '" . $id . "'";
    $result = $db->Execute($sql);
    if (isset($result->fields) && ($result->fields['customers_info_image'])) {
        return zen_image($result->fields['customers_info_image'], '', 50, 50, '') . "<br><br>";
    } else
        return null;
}

function get_image_from_nick($nick)
{

    global $db;
    $sql = "select * from " . TABLE_CUSTOMERS . " where customers_nickname = '" . $nick . "'";
//    echo $sql;
    $result = $db->Execute($sql);
    if (isset($result->fields) && ($result->fields['customers_info_image'])) {
        return zen_image($result->fields['customers_info_image'], '', 100, 100, '') . "<br><br>";
    } else
        return $result->fields['customers_nickname'] . "<br><br>";
}

?>